MILLIONS OF INDIAN DEBIT CARDS ‘COMPROMISED IN INDIA

MILLIONS OF INDIAN DEBIT CARDS ‘COMPROMISED IN INDIA

MILLIONS OF INDIAN DEBIT CARDS ‘COMPROMISED IN INDIA

It was very much expected.. And know it very well despite of all claims made by Banking Institutions and Technological Experts that “every aspect of your your Online presence are open to breach” … Most of the time by the same Banks, Handling Institutions and Technology Service providers and occasionally to every traditional perils of the world lurking online

The problem

About 30-32 lakh debit cards are learnt to have come under threat of potential fraud after a ATM security breach through malware infestation. According to media reports, the payment systems of Hitachi Payment Services were infested with malware that helped miscreants to steal personal information and do fraudulent transactions.

Banks, cards affected

AreportinThe Economic Timessays citing sources that cards issued by State Bank of India, HDFC Bank, ICICI Bank, YES Bank and Axis Bank as “worst affected”. The cards, as per the report, include 2.6 million of Visa and MasterCard and 6 lakh of RuPay cards.

How the breach happened

The breach might have happened at YES Bank as Hitachi manages the bank’s ATMs, says areportinThe Times of India. The reason why other banks became vulnerable is because YES Bank ATMs see many third party transactions, says the report. What is worrisome is that the breach was effected in such a way that anyone using the bank’s ATMs in the region would risk having data compromised, aPTIreport said citing bankers.

“Data processes of one private bank was compromised which affected other banks’ customers well. Customers who used that bank’s ATM stand to get potentially affected,” thePTIreport quoted a banker as saying without naming the bank. Though the bankers claim the breach has not led to any monetary losses to anyone, theETreport says some customers have complained of unauthorized usage from China.

YES Bank on its part has “proactively undertaken a comprehensive audit of ATMs”. “There is no evidence of a breach or compromise on ATMs. We continue to work with relevant stakeholders, including other public sector and private banks, and NPCI, to ensure utmost safety and security of ATM network and payment services which are completely safe to use,” a bank spokesperson told thePTI.

Hitachi too has denied that its systems have been compromised. “I do not think it is necessary for any bank to reissue cards,” Loney Antony, MD, Hitachi Payment Services, has been quoted as saying in theToIreport.

Steps taken by banks

The breach happened sometime between May and July. Banks have been alerting customers to change the security PIN or even replacing the cards. Bankers have toldPTIthat all measures being taken are to safeguard the system against any potential threat.

RBI steps

ThePTIquotes an RBI official as saying that the central bank is seized of the matter and is looking into the issue. According to theTimes of India, the infested systems have been quarantined and inspected, the affected cards have been spotted. The RBI has also asked banks to inform it about any suspected fraud immediately, the report said.

HEAR THE AUTHORITY

AP Hota, Managing Director and Chief Executive Officer of National Payments Corporation of India – the domestic payment gateway discusses the recent suspected debit card data compromise issue and the lesson we learn from the episode.

What are lessons that we learn from this episode?

One of the lessons that have come out very clearly is that we were thinking that 100 per cent of the customers have linked their mobile number to the bank account, But it is no so. As far the information we have got, it is only 50 per cent of the customers whose mobile numbers are registered with the bank.

NPCI gave a statement yesterday saying there is no need for customers to panic. Why do you say so?

If at all there was any card compromise, if at all, the fraudulent transactions should have happened by now and the customer would have complained. A total 641 complaints have come in the first week of September and not now. And the card compromise, if at all that has happened, it happened in June and July. The fraudsters would have taken sometime to make the cards, and fraudulent transactions would have happened in August and September. By this time, the customers and banks have changed the pin also. If the pin is has not been changed, the card if blocked.

But is there a failure on the part of the bank to educate their customers?

Customer education is a continuous process. We cannot say it is a part of the failure of the banks, but they could have done more.

It has been noticed by several customers that there are some small value transaction for which banks don’t sent alerts…

As per RBI circular, irrespective of the amount the bank should send alerts. RBI has also allowed that if the banks so like they can charge the customers for the mobile alerts service. But some banks have decided not to charge but fixed a transaction limit beyond which they will send the alert. Banks should follow what RBI said and not make their own rules.

Who will compensate the customers for any loss?

RBI has clear guidelines on the issue. As far as the customer is concerned, once it is proven that the transaction is fraudulent, banks will reimburse. And the bank later on would get reimbursed from the bank which is responsible for the fraud.

For example, in the 641 complaints, the largest number if from Axis Bank. Axis Bank will refund the customers and they in turn will get compensated once it is proven that switch of other banks is at fault. There are well laid out ruled for that.

There was not a single complain on RuPay cards, mainly because our RuPay international cards are less. All the complaints were from Visa and Mastercard.

What are the steps that banks should take to avoid such incidents?

All the banks have should have the fraud risk management tool. They can subscribe to NPCI services and most of the banks have subscribed. Banks also must conduct the PCI-DSS audit (Payment Card Industry-Data Security Standard), once in an year to ensure how the data security should be maintained.

Do you think the incident will affect RBI’s vision of a cashless economy?

No don’t think this incident will not effect the RBI’s vision of a cashless economy. I think our payments system is robust.

So you might have heard what the authorities and experts are still claiming..

But, Don’t be fooled.. You are always at risk in Cashless Economy and you will never be the owner of your own wealth..

There are a lot more things you need to know about Cashless System which will really make you cashless.. We will disclose you all at “Arrested Development”.

Share this:

Like this:

LikeLoading...

THE GIST

Now We are living in a world of shifting sides, of terrorism enacted by shadowy entities and populations indirectly under arrest by the system and power, of mass restriction of information, freedom, movement, natural resources and, importantly, technology — technology that would remove the need to fight over resources.

today, the endless (unwinnable) War On Terror and numerous false flag attacks have proven to be effective (albeit transparent) ways to drive both corporate profits and tighter legislative controls of the citizen's, literally taking control of the collective consciousness of humanity.

One of the best ways to gain and maintain power over people and support for doing anything is to keep the people in constant fear — in fear of wars, of outsiders, and more recently, of “terrorism”.

If you want to understand how major world events in the past have happened and happening in your nation are by design and not by mistake keep your seats reserved at Arrested Developments.

Social

Pictoria

AD

Painting: Ramesh Patel, source: www.artzolo.com

DABANGG: means “Courageous and Daring”

Text Widget

This is a text widget. The Text Widget allows you to add text or HTML to your sidebar. You can use a text widget to display text, links, images, HTML, or a combination of these. Edit them in the Widget section of the Customizer.